One problem with the use if highly portable communications devices such as personal communication devices and cellular phone type devices is the provision of security measures to prevent fraud and/or theft in the use of the devices and the services that they access. Various measures have been proposed in the past to provide security in numerous applications in which it is necessary or desirable to limit access to a system.
Passwords, for example, hive been widely used to guard authorized access to computers and data. However, password verification schemes are most reliable when the password is manually entered add are not as effective when human interaction cannot be guaranteed.
In other arrangements, electronic keys or tokens are used. Possession of the key or token identifies a user as being a valid user. The lack of possession of such a key or token would indicate that the user is not who he claims to be and he is denied use of the device. However this arrangement is subject to fraud and or unauthorized access occurring if an unauthorized user gains possession of the key or token.
Various arrangements have been proposed or utilized in the past in which a biometric of a person is used to verify or authenticate identification of a system user. "Biometric" as defined, for example, in U.S. Pat. No. 5,469,506 is defined as meaning a substantially stable physical characteristic of a person which can be automatically measured and characterized for comparison. In addition, biometrics, may also include behavioral characteristics, such as the manner in which an individual writes his or her signature.
Increasingly, so called "smart cards" are used for a variety of purposes. A "smart card" is a credit card sized card that has a built-in microcontroller which enables the card to provide, modify or even create data in response to external stimuli. In many instances, the microcontroller is a single water integrated circuit which is mounted on an otherwise plastic credit card. Various smart card protection schemes have been devised to protect the unauthorized access to the data contents on such smart cards. However, conventional password schemes are not effective when used with smart cards because smart cards readers are easy and inexpensive to emulate and such readers may be programmed to check all possible password codes in a relatively short-lived period. Unauthorized persons may thus be able to steal a smart card and identify its password so that the card may be utilized.